State of security

In the document, he outlined how investigators believed the attack had involved "Chinese-based internet protocol [IP] addresses".

He said that the attackers had "full system access" and would have been able to "modify, copy, or delete sensitive files" or "upload hacking tools to steal user credentials and compromise other Nasa systems".

He also noted that "between April 2009 and April 2011, Nasa reported the loss or theft of 48 Agency mobile computing devices".

In one incident an unencrypted notebook computer was lost containing details of the algorithms - the mathematical models - used to control the International Space Station.

Nasa told the BBC that "at no point in time have operations of the International Space Station been in jeopardy due to a data breach".

Mixed motives

Mr Martin said Nasa was a "target-rich environment for cyber attacks".

He said that the motivation of the hackers ranged from "individuals testing their skill to break into Nasa systems, to well-organized criminal enterprises hacking for profit, to intrusions that may have been sponsored by foreign intelligence services".

But while Mr Martin criticised aspects of Nasa's cybersecurity he noted investigations had resulted in "arrests and convictions of foreign nationals in China, Great Britain, Italy, Nigeria, Portugal, Romania, Turkey, and Estonia".

Nasa said it was working to implement the security improvements Mr Martin suggested in his testimony.

However the chairman of the congressional subcommittee, Rep Paul Broun,quoted in an online report of proceedings,said: "Despite this progress, the threat to Nasa's information security is persistent, and ever changing. Unless Nasa is able to constantly adapt - their data, systems, and operations will continue to be endangered."